News Post

How China gets free intel on tech companies’ vulnerabilities

ArstechnicaArstechnica · 1y
How China gets free intel on tech companies’ vulnerabilities

China's cybersecurity law mandates that tech companies operating in the country must report vulnerabilities they discover in their products to the Chinese government. This law has raised concerns that it indirectly provides China's state-sponsored hackers with information about potential new vulnerabilities to exploit. Foreign firms with China-based operations have been caught in a dilemma, as the law's two-day disclosure deadline often doesn't align with the time required to patch vulnerabilities, potentially forcing them to give sensitive information to a government that could use it for offensive hacking. Some foreign companies have reportedly complied with the law, raising concerns about the consequences for global cybersecurity.

Comments

Download the medial app to read full posts, comements and news.